OAuth Server
This section describes how to use the TIBCO API Exchange Gateway OAuth server.
The OAuth 2.0 framework enables a third-party application to access private data to which a user has granted permission. OAuth 2.0 is an open standard for authorization that allows the user of a third-party application to share data from the site that owns the data, without exposing any credentials to the application that is being accessed. TIBCO API Exchange Gateway supports the OAuth 2.0 framework.
The OAuth 2.0 Authorization Framework specification can be found at the following location:
https://tools.ietf.org/html/draft-ietf-oauth-v2-31.
The following topics are explained:
- Capabilities of the OAuth Server
- OAuth Client Policies
- OAuth 2.0 Concepts
- Benefits of using the OAuth Server
- OAuth Server Components and Interactions
 This section describes the main components of the OAuth server and the interactions between the components.
- OAuth Flows
 The OAuth server supports the following OAuth flows:
- Configuration Setup of OAuth Server Authorization
 This section explains the configuration setup required to use the OAuth server.
- Manage Access Token
- Accessing Token Persistence
- Enabling OAuth for Application using TIBCO API Exchange Manager
- Authorization API
 The OAuth server provides the following API to authorize a request:
- Token Request API
 To request an access token from the OAuth server, use the following API:
- Token Validation API
 To validate an access token issued by the authorization server of TIBCO API Exchange Gateway, use the following API:
- Retrieve Access Token
 The authorization server maintains the list of tokens that it has issued. The tokens can be retrieved using the REST API.
- Revoke Token API
 Send a revoke token request to remove the client permissions associated with a valid token.
- OAuth Service Provider Interfaces
 Overview of OAuth service provider interfaces.
Copyright © Cloud Software Group, Inc. All rights reserved.
